]> git.proxmox.com Git - mirror_edk2.git/blob - OvmfPkg/Library/BaseMemEncryptSevLib/X64/VirtualMemory.c
projects / mirror_edk2.git / blob
? search:


e1e705c346263352d43dbe97b81bdf7c9c561436
[mirror_edk2.git] / OvmfPkg / Library / BaseMemEncryptSevLib / X64 / VirtualMemory.c
1 /** @file
2
3 Virtual Memory Management Services to set or clear the memory encryption bit
4
5 Copyright (c) 2006 - 2016, Intel Corporation. All rights reserved.<BR>
6 Copyright (c) 2017, AMD Incorporated. All rights reserved.<BR>
7
8 This program and the accompanying materials
9 are licensed and made available under the terms and conditions of the BSD License
10 which accompanies this distribution. The full text of the license may be found at
11 http://opensource.org/licenses/bsd-license.php
12
13 THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
14 WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
15
16 Code is derived from MdeModulePkg/Core/DxeIplPeim/X64/VirtualMemory.c
17
18 **/
19
20 #include <Library/CpuLib.h>
21 #include <Register/Cpuid.h>
22 #include <Register/Amd/Cpuid.h>
23
24 #include "VirtualMemory.h"
25
26 STATIC BOOLEAN mAddressEncMaskChecked = FALSE;
27 STATIC UINT64 mAddressEncMask;
28
29 typedef enum {
30 SetCBit,
31 ClearCBit
32 } MAP_RANGE_MODE;
33
34 /**
35 Get the memory encryption mask
36
37 @param[out] EncryptionMask contains the pte mask.
38
39 **/
40 STATIC
41 UINT64
42 GetMemEncryptionAddressMask (
43 VOID
44 )
45 {
46 UINT64 EncryptionMask;
47 CPUID_MEMORY_ENCRYPTION_INFO_EBX Ebx;
48
49 if (mAddressEncMaskChecked) {
50 return mAddressEncMask;
51 }
52
53 //
54 // CPUID Fn8000_001F[EBX] Bit 0:5 (memory encryption bit position)
55 //
56 AsmCpuid (CPUID_MEMORY_ENCRYPTION_INFO, NULL, &Ebx.Uint32, NULL, NULL);
57 EncryptionMask = LShiftU64 (1, Ebx.Bits.PtePosBits);
58
59 mAddressEncMask = EncryptionMask & PAGING_1G_ADDRESS_MASK_64;
60 mAddressEncMaskChecked = TRUE;
61
62 return mAddressEncMask;
63 }
64
65 /**
66 Split 2M page to 4K.
67
68 @param[in] PhysicalAddress Start physical address the 2M page covered.
69 @param[in, out] PageEntry2M Pointer to 2M page entry.
70 @param[in] StackBase Stack base address.
71 @param[in] StackSize Stack size.
72
73 **/
74 STATIC
75 VOID
76 Split2MPageTo4K (
77 IN PHYSICAL_ADDRESS PhysicalAddress,
78 IN OUT UINT64 *PageEntry2M,
79 IN PHYSICAL_ADDRESS StackBase,
80 IN UINTN StackSize
81 )
82 {
83 PHYSICAL_ADDRESS PhysicalAddress4K;
84 UINTN IndexOfPageTableEntries;
85 PAGE_TABLE_4K_ENTRY *PageTableEntry, *PageTableEntry1;
86 UINT64 AddressEncMask;
87
88 PageTableEntry = AllocatePages(1);
89
90 PageTableEntry1 = PageTableEntry;
91
92 AddressEncMask = GetMemEncryptionAddressMask ();
93
94 ASSERT (PageTableEntry != NULL);
95 ASSERT (*PageEntry2M & AddressEncMask);
96
97 PhysicalAddress4K = PhysicalAddress;
98 for (IndexOfPageTableEntries = 0; IndexOfPageTableEntries < 512; IndexOfPageTableEntries++, PageTableEntry++, PhysicalAddress4K += SIZE_4KB) {
99 //
100 // Fill in the Page Table entries
101 //
102 PageTableEntry->Uint64 = (UINT64) PhysicalAddress4K | AddressEncMask;
103 PageTableEntry->Bits.ReadWrite = 1;
104 PageTableEntry->Bits.Present = 1;
105 if ((PhysicalAddress4K >= StackBase) && (PhysicalAddress4K < StackBase + StackSize)) {
106 //
107 // Set Nx bit for stack.
108 //
109 PageTableEntry->Bits.Nx = 1;
110 }
111 }
112
113 //
114 // Fill in 2M page entry.
115 //
116 *PageEntry2M = (UINT64) (UINTN) PageTableEntry1 | IA32_PG_P | IA32_PG_RW | AddressEncMask;
117 }
118
119 /**
120 Split 1G page to 2M.
121
122 @param[in] PhysicalAddress Start physical address the 1G page covered.
123 @param[in, out] PageEntry1G Pointer to 1G page entry.
124 @param[in] StackBase Stack base address.
125 @param[in] StackSize Stack size.
126
127 **/
128 STATIC
129 VOID
130 Split1GPageTo2M (
131 IN PHYSICAL_ADDRESS PhysicalAddress,
132 IN OUT UINT64 *PageEntry1G,
133 IN PHYSICAL_ADDRESS StackBase,
134 IN UINTN StackSize
135 )
136 {
137 PHYSICAL_ADDRESS PhysicalAddress2M;
138 UINTN IndexOfPageDirectoryEntries;
139 PAGE_TABLE_ENTRY *PageDirectoryEntry;
140 UINT64 AddressEncMask;
141
142 PageDirectoryEntry = AllocatePages(1);
143
144 AddressEncMask = GetMemEncryptionAddressMask ();
145 ASSERT (PageDirectoryEntry != NULL);
146 ASSERT (*PageEntry1G & GetMemEncryptionAddressMask ());
147 //
148 // Fill in 1G page entry.
149 //
150 *PageEntry1G = (UINT64) (UINTN) PageDirectoryEntry | IA32_PG_P | IA32_PG_RW | AddressEncMask;
151
152 PhysicalAddress2M = PhysicalAddress;
153 for (IndexOfPageDirectoryEntries = 0; IndexOfPageDirectoryEntries < 512; IndexOfPageDirectoryEntries++, PageDirectoryEntry++, PhysicalAddress2M += SIZE_2MB) {
154 if ((PhysicalAddress2M < StackBase + StackSize) && ((PhysicalAddress2M + SIZE_2MB) > StackBase)) {
155 //
156 // Need to split this 2M page that covers stack range.
157 //
158 Split2MPageTo4K (PhysicalAddress2M, (UINT64 *) PageDirectoryEntry, StackBase, StackSize);
159 } else {
160 //
161 // Fill in the Page Directory entries
162 //
163 PageDirectoryEntry->Uint64 = (UINT64) PhysicalAddress2M | AddressEncMask;
164 PageDirectoryEntry->Bits.ReadWrite = 1;
165 PageDirectoryEntry->Bits.Present = 1;
166 PageDirectoryEntry->Bits.MustBe1 = 1;
167 }
168 }
169 }
170
171
172 /**
173 Set or Clear the memory encryption bit
174
175 @param[in] PagetablePoint Page table entry pointer (PTE).
176 @param[in] Mode Set or Clear encryption bit
177
178 **/
179 STATIC VOID
180 SetOrClearCBit(
181 IN OUT UINT64* PageTablePointer,
182 IN MAP_RANGE_MODE Mode
183 )
184 {
185 UINT64 AddressEncMask;
186
187 AddressEncMask = GetMemEncryptionAddressMask ();
188
189 if (Mode == SetCBit) {
190 *PageTablePointer |= AddressEncMask;
191 } else {
192 *PageTablePointer &= ~AddressEncMask;
193 }
194
195 }
196
197 /**
198 This function either sets or clears memory encryption bit for the memory region
199 specified by PhysicalAddress and length from the current page table context.
200
201 The function iterates through the physicalAddress one page at a time, and set
202 or clears the memory encryption mask in the page table. If it encounters
203 that a given physical address range is part of large page then it attempts to
204 change the attribute at one go (based on size), otherwise it splits the
205 large pages into smaller (e.g 2M page into 4K pages) and then try to set or
206 clear the encryption bit on the smallest page size.
207
208 @param[in] PhysicalAddress The physical address that is the start
209 address of a memory region.
210 @param[in] Length The length of memory region
211 @param[in] Mode Set or Clear mode
212 @param[in] Flush Flush the caches before applying the
213 encryption mask
214
215 @retval RETURN_SUCCESS The attributes were cleared for the memory
216 region.
217 @retval RETURN_INVALID_PARAMETER Number of pages is zero.
218 @retval RETURN_UNSUPPORTED Setting the memory encyrption attribute is
219 not supported
220 **/
221
222 STATIC
223 RETURN_STATUS
224 EFIAPI
225 SetMemoryEncDec (
226 IN PHYSICAL_ADDRESS Cr3BaseAddress,
227 IN PHYSICAL_ADDRESS PhysicalAddress,
228 IN UINTN Length,
229 IN MAP_RANGE_MODE Mode,
230 IN BOOLEAN CacheFlush
231 )
232 {
233 PAGE_MAP_AND_DIRECTORY_POINTER *PageMapLevel4Entry;
234 PAGE_MAP_AND_DIRECTORY_POINTER *PageUpperDirectoryPointerEntry;
235 PAGE_MAP_AND_DIRECTORY_POINTER *PageDirectoryPointerEntry;
236 PAGE_TABLE_1G_ENTRY *PageDirectory1GEntry;
237 PAGE_TABLE_ENTRY *PageDirectory2MEntry;
238 PAGE_TABLE_4K_ENTRY *PageTableEntry;
239 UINT64 PgTableMask;
240 UINT64 AddressEncMask;
241
242 DEBUG ((
243 DEBUG_VERBOSE,
244 "%a:%a: Cr3Base=0x%Lx Physical=0x%Lx Length=0x%Lx Mode=%a CacheFlush=%u\n",
245 gEfiCallerBaseName,
246 __FUNCTION__,
247 Cr3BaseAddress,
248 PhysicalAddress,
249 (UINT64)Length,
250 (Mode == SetCBit) ? "Encrypt" : "Decrypt",
251 (UINT32)CacheFlush
252 ));
253
254 //
255 // Check if we have a valid memory encryption mask
256 //
257 AddressEncMask = GetMemEncryptionAddressMask ();
258 if (!AddressEncMask) {
259 return RETURN_ACCESS_DENIED;
260 }
261
262 PgTableMask = AddressEncMask | EFI_PAGE_MASK;
263
264 if (Length == 0) {
265 return RETURN_INVALID_PARAMETER;
266 }
267
268 //
269 // We are going to change the memory encryption attribute from C=0 -> C=1 or
270 // vice versa Flush the caches to ensure that data is written into memory with
271 // correct C-bit
272 //
273 if (CacheFlush) {
274 WriteBackInvalidateDataCacheRange((VOID*) (UINTN)PhysicalAddress, Length);
275 }
276
277 while (Length)
278 {
279 //
280 // If Cr3BaseAddress is not specified then read the current CR3
281 //
282 if (Cr3BaseAddress == 0) {
283 Cr3BaseAddress = AsmReadCr3();
284 }
285
286 PageMapLevel4Entry = (VOID*) (Cr3BaseAddress & ~PgTableMask);
287 PageMapLevel4Entry += PML4_OFFSET(PhysicalAddress);
288 if (!PageMapLevel4Entry->Bits.Present) {
289 DEBUG ((
290 DEBUG_ERROR,
291 "%a:%a: bad PML4 for Physical=0x%Lx\n",
292 gEfiCallerBaseName,
293 __FUNCTION__,
294 PhysicalAddress
295 ));
296 return RETURN_NO_MAPPING;
297 }
298
299 PageDirectory1GEntry = (VOID*) ((PageMapLevel4Entry->Bits.PageTableBaseAddress<<12) & ~PgTableMask);
300 PageDirectory1GEntry += PDP_OFFSET(PhysicalAddress);
301 if (!PageDirectory1GEntry->Bits.Present) {
302 DEBUG ((
303 DEBUG_ERROR,
304 "%a:%a: bad PDPE for Physical=0x%Lx\n",
305 gEfiCallerBaseName,
306 __FUNCTION__,
307 PhysicalAddress
308 ));
309 return RETURN_NO_MAPPING;
310 }
311
312 //
313 // If the MustBe1 bit is not 1, it's not actually a 1GB entry
314 //
315 if (PageDirectory1GEntry->Bits.MustBe1) {
316 //
317 // Valid 1GB page
318 // If we have at least 1GB to go, we can just update this entry
319 //
320 if (!(PhysicalAddress & (BIT30 - 1)) && Length >= BIT30) {
321 SetOrClearCBit(&PageDirectory1GEntry->Uint64, Mode);
322 DEBUG ((
323 DEBUG_VERBOSE,
324 "%a:%a: updated 1GB entry for Physical=0x%Lx\n",
325 gEfiCallerBaseName,
326 __FUNCTION__,
327 PhysicalAddress
328 ));
329 PhysicalAddress += BIT30;
330 Length -= BIT30;
331 } else {
332 //
333 // We must split the page
334 //
335 DEBUG ((
336 DEBUG_VERBOSE,
337 "%a:%a: splitting 1GB page for Physical=0x%Lx\n",
338 gEfiCallerBaseName,
339 __FUNCTION__,
340 PhysicalAddress
341 ));
342 Split1GPageTo2M(((UINT64)PageDirectory1GEntry->Bits.PageTableBaseAddress)<<30, (UINT64*) PageDirectory1GEntry, 0, 0);
343 continue;
344 }
345 } else {
346 //
347 // Actually a PDP
348 //
349 PageUpperDirectoryPointerEntry = (PAGE_MAP_AND_DIRECTORY_POINTER*) PageDirectory1GEntry;
350 PageDirectory2MEntry = (VOID*) ((PageUpperDirectoryPointerEntry->Bits.PageTableBaseAddress<<12) & ~PgTableMask);
351 PageDirectory2MEntry += PDE_OFFSET(PhysicalAddress);
352 if (!PageDirectory2MEntry->Bits.Present) {
353 DEBUG ((
354 DEBUG_ERROR,
355 "%a:%a: bad PDE for Physical=0x%Lx\n",
356 gEfiCallerBaseName,
357 __FUNCTION__,
358 PhysicalAddress
359 ));
360 return RETURN_NO_MAPPING;
361 }
362 //
363 // If the MustBe1 bit is not a 1, it's not a 2MB entry
364 //
365 if (PageDirectory2MEntry->Bits.MustBe1) {
366 //
367 // Valid 2MB page
368 // If we have at least 2MB left to go, we can just update this entry
369 //
370 if (!(PhysicalAddress & (BIT21-1)) && Length >= BIT21) {
371 SetOrClearCBit (&PageDirectory2MEntry->Uint64, Mode);
372 PhysicalAddress += BIT21;
373 Length -= BIT21;
374 } else {
375 //
376 // We must split up this page into 4K pages
377 //
378 DEBUG ((
379 DEBUG_VERBOSE,
380 "%a:%a: splitting 2MB page for Physical=0x%Lx\n",
381 gEfiCallerBaseName,
382 __FUNCTION__,
383 PhysicalAddress
384 ));
385 Split2MPageTo4K (((UINT64)PageDirectory2MEntry->Bits.PageTableBaseAddress) << 21, (UINT64*) PageDirectory2MEntry, 0, 0);
386 continue;
387 }
388 } else {
389 PageDirectoryPointerEntry = (PAGE_MAP_AND_DIRECTORY_POINTER*) PageDirectory2MEntry;
390 PageTableEntry = (VOID*) (PageDirectoryPointerEntry->Bits.PageTableBaseAddress<<12 & ~PgTableMask);
391 PageTableEntry += PTE_OFFSET(PhysicalAddress);
392 if (!PageTableEntry->Bits.Present) {
393 DEBUG ((
394 DEBUG_ERROR,
395 "%a:%a: bad PTE for Physical=0x%Lx\n",
396 gEfiCallerBaseName,
397 __FUNCTION__,
398 PhysicalAddress
399 ));
400 return RETURN_NO_MAPPING;
401 }
402 SetOrClearCBit (&PageTableEntry->Uint64, Mode);
403 PhysicalAddress += EFI_PAGE_SIZE;
404 Length -= EFI_PAGE_SIZE;
405 }
406 }
407 }
408
409 //
410 // Flush TLB
411 //
412 CpuFlushTlb();
413
414 return RETURN_SUCCESS;
415 }
416
417 /**
418 This function clears memory encryption bit for the memory region specified by
419 PhysicalAddress and length from the current page table context.
420
421 @param[in] PhysicalAddress The physical address that is the start
422 address of a memory region.
423 @param[in] Length The length of memory region
424 @param[in] Flush Flush the caches before applying the
425 encryption mask
426
427 @retval RETURN_SUCCESS The attributes were cleared for the memory
428 region.
429 @retval RETURN_INVALID_PARAMETER Number of pages is zero.
430 @retval RETURN_UNSUPPORTED Setting the memory encyrption attribute is
431 not supported
432 **/
433 RETURN_STATUS
434 EFIAPI
435 InternalMemEncryptSevSetMemoryDecrypted (
436 IN PHYSICAL_ADDRESS Cr3BaseAddress,
437 IN PHYSICAL_ADDRESS PhysicalAddress,
438 IN UINTN Length,
439 IN BOOLEAN Flush
440 )
441 {
442
443 return SetMemoryEncDec (Cr3BaseAddress, PhysicalAddress, Length, ClearCBit, Flush);
444 }
445
446 /**
447 This function sets memory encryption bit for the memory region specified by
448 PhysicalAddress and length from the current page table context.
449
450 @param[in] PhysicalAddress The physical address that is the start address
451 of a memory region.
452 @param[in] Length The length of memory region
453 @param[in] Flush Flush the caches before applying the
454 encryption mask
455
456 @retval RETURN_SUCCESS The attributes were cleared for the memory
457 region.
458 @retval RETURN_INVALID_PARAMETER Number of pages is zero.
459 @retval RETURN_UNSUPPORTED Setting the memory encyrption attribute is
460 not supported
461 **/
462 RETURN_STATUS
463 EFIAPI
464 InternalMemEncryptSevSetMemoryEncrypted (
465 IN PHYSICAL_ADDRESS Cr3BaseAddress,
466 IN PHYSICAL_ADDRESS PhysicalAddress,
467 IN UINTN Length,
468 IN BOOLEAN Flush
469 )
470 {
471 return SetMemoryEncDec (Cr3BaseAddress, PhysicalAddress, Length, SetCBit, Flush);
472 }
EFI Development Kit II mirror for PVE